# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  helper :all # include all helpers, all the time

  # See ActionController::RequestForgeryProtection for details
  # Uncomment the :secret if you're not using the cookie session store
  protect_from_forgery  :secret => '7de0a91d7e49455969e463d8715dd66a'
  
  # See ActionController::Base for details 
  # Uncomment this to filter the contents of submitted sensitive data parameters
  # from your application log (in this case, all fields with names like "password"). 
  # filter_parameter_logging :password
  
  BASE_URI = 'http://api.xiaonei.com/restserver.do'
  def get_xnuser_info(uid)
    data = {}
    data['api_key'] = session[:xn_sig_api_key]
    data['method'] = "xiaonei.users.getInfo"
    data['call_id'] = "1.0"
    data['sig'] = '1.0'
    data['v'] = '1.0'
    data['session_key'] = session[:xn_sig_session_key]
    data['uid'] = uid
    data['fields'] = ''
    response = Net::HTTP.post_form(URI.parse(BASE_URI),data)
    
    logger.info("Xiaonei User Info received: " + uid)
    if response.message == "OK"
      document = REXML::Document.new(response.body)
      REXML::XPath.first(document, '//user') do |user|
        user
      end
    end

  end


end
